Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill exercises high-risk capabilities (shell, network, env, file reads) but does not declare permissions up front, which prevents meaningful consent and policy enforcement before execution. In this context, the skill can install software, read local credential configuration, and place real outbound calls, so undeclared capabilities materially increase the chance of surprising or unsafe execution.
